People seeking jobs online have been targeted a number of times since the advent of the economic recession, but in India even the potential employers become targets.
Symantec warns that phishing version of an Indian job site has been put online, and that it’s goal is to collect login credentials and to initiate a spam run targeting those very same users with messages that say that in order to keep or upgrade their access to the contents of the site, they must pay a certain amount of money.
If the user follows the provided link, he is taken to another phishing page where credit card numbers, PINs and similar information is inserted and, consequently, stolen.
Not stopping there, the people behind this scheme prove themselves to be equal opportunity attackers by targeting also the people applying for jobs. With the gained information, they impersonate employers and spam the job seekers with fake job opportunities that likely contain a malicious link.